package util;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.RequestProcessor;
import java.io.IOException;

import dao.Usertemp;

public class RequestProcessorEx extends RequestProcessor
{
	protected boolean processRoles( HttpServletRequest request,
								HttpServletResponse response,
								ActionMapping mapping )
							throws IOException, ServletException
	{
		String[] roles = mapping.getRoleNames();

		if( roles!=null && roles.length>0 )
		{
			Usertemp user = (Usertemp)request.getSession().getAttribute("SESSION_USERINFO");
			if(null==user)
			{
				//response.sendRedirect(request.getContextPath()+"/login.jsp" ); 
				//sendRedirect与RequestDispatcher不仅在路径设置上不同，而且前者不能返回信息(跟为安全)
				RequestDispatcher rd=request.getRequestDispatcher("/login.jsp");
				request.setAttribute("message", "illegal to access");
				rd.forward(request, response);
				return false;
			}
		}
		return true;
	}
}

